Papers, Please!

The Identity Project

Category Archives: Freedom To Travel

Dec 18 2008

US-EU agreement to disagree

Over the weekend Stewart Baker of the DHS posted an entry in the DHS “Leadership Journal” blog entitled U.S. and EU Agree on Data Protection Principles.  Readers unfamiliar with the “back story” might conclude from this — as Baker and the DHS no doubt hope they will — that some sort of formal negotiations have been concluded, and that the USA and the European Union have actually worked out their differences on privacy and data protection.

Not so at all.  Many details remain unclear, as has been typical of DHS international diplomacy. All the meetings of the previous so-called “EU US High Level Contact Group on information sharing and privacy and personal data protection” occurred in secret.  But the joint statement by a new group of selected officials from US and EU executive agencies, released as an attachment to Baker’s blog post, indicates essentially the same impasse remains as existed when the “High Level Contact Group” made its final report in May 2008:

Read More

Nov 26 2008

Border Agents Begin Using “Long-Range” RFID Scanners on ID Cards

USA Today has a story on the new long-range RFID scanners reading ID cards as individuals drive toward the border.

“By the time a car stops at the Customs booth, the agent will have the photos and information of everyone in the car. If a name is on a watch list or database, the person will be taken in for questioning. The system will be “more efficient,” says Thomas Winkowski of Customs and Border Protection.”

DHS claims that the unsecured wireless transmissions will make border crossing more efficient, but why is Homeland Security choosing speed over security.

As we’ve explained before, there are numerous privacy and civil liberty problems connected with using RFID tags in identification documents. Off-the-shelf readers can easily skim the data.

Currently, the RFID-enabled ID cards only transmit a unique number to allow border agents to pull up an individual’s file. However, the Department of Homeland Security could easily add more data to the ID card, especially if the agency can convince people to use the RFID-enabled card as an “all-in-one” identification document – where you could use it when you go to the bank, grocery store, gym, school, and more. Read More

Nov 10 2008

The Obama Administration and the Right to Travel

The Obama Administration promises change, and invites suggestions for their agenda.

Since they’ve asked, here are the first things we think the new administration should do to restore our right to travel, and to address the issues of ID requirements and identity-based government surveillance and control of travel and movement.

Some of these can be accomplished with the stroke of a pen on Inauguration Day in January, through Presidential proclamations and directives to Executive staff and agencies.  Others can be ordered by the President, but will require a slightly longer process to comply with administrative notice and comment requirements for changes to (and, in many cases, withdrawal of) Federal regulations.  Others will require legislation, which we urge the Presidential transition team and members of Congress to begin drafting so they can take action early in the new Congressional session. If asked, we would be available to advise and participate in this process. Finally, Senators should question nominees for Executive appointments —especially those nominated to be the new Secretary of Homeland Security and the Administrator of the TSA – about how they will address specific, important issues from the day they take office. These questions are detailed below (and also available here in PDF format).

Executive Orders:

  1. Reaffirm Executive Order 13107 on Implementation of Human Rights Treaties, and instruct heads of agencies to ensure that it is carried out.  As part of his agenda, President-Elect Obama has promised to “strengthen civil rights enforcement,” and this should include enforcement of rights guaranteed by international human rights treaties to which the U.S. is a party.  In particular, President-Elect Obama should extend Executive Order 13107 to explicitly mandate consideration of international human rights treaties in Federal agency rulemakings that could implicate rights protected under those treaties — such as the freedom of movement guaranteed by Article 12 of the International Covenant on Civil and Political Rights (ICCPR). Read More
Oct 27 2008

Where is “Secure Flight” headed next?

Now that the TSA has released their final rule for the Secure Flight program, which would extend DHS control and surveillance of airline passengers to domestic flights, what happens next (after the final rule is published in the Federal Register, which normally happens within a week or so)?

Under the laws appropriating the funds for TSA and DHS operations, the next step should be review by the Government Accountability Office (GAO).  Section 522 of the Homeland Security Appropriations Act 2005 provides:

None of the funds provided by this or previous appropriations Acts may be obligated for deployment or implementation, on other than a test basis, of the Computer Assisted Passenger Prescreening System (CAPPS II) or Secure Flight or other follow on/successor programs, that the Transportation Security Administration (TSA), or any other Department of Homeland Security component, plans to utilize to screen aviation passengers, until the Government Accountability Office has reported to the Committees on Appropriations of the Senate and the House of Representatives that: [10 specified criteria have been met]. Read More

Oct 23 2008

Radio hour today on “Secure Flight”

Edward Hasbrouck of the Identity Project will be on the Katherine Albrecht Show today from 5-6 p.m. Eastern Time (2-3 p.m. Pacific time), talking about Secure Flight. The Katherine Albrecht Show is syndicated nationally on the Genesis Communications Network. You can also listen to the show live online, and we’ll be taking listener questions on the air. If you missed the live broadcast, the archive of this hour of the show is available here as a downloadable mp3 podcast.

Oct 22 2008

Large Aircraft Security Program and “Watch-List Service Providers”

Even before the Secure Flight proposal goes into effect (and before there is any experience of whether it can be implemented or how it will work), the TSA is proposing to extend its air travel control and surveillance principles from passenger airlines to general aviation and all-cargo flights.

On October 9, 2008, the TSA issued a press release and a Notice of Proposed Rulemaking (NPRM) for a so-called “Large Aircraft Security Program” (LASP) for unscheduled and noncommerical flights.  LASP is explicitly modeled on Secure Flight, but with an additional twist: Instead of being required to submit personal information about each passenger to, and receive permisison from, the TSA, operators of “large” general aviation and cargo aircraft will be required to submit this data to, and get permisison from, a new class of private commercial data aggregation companies: “Watch-List Service Providers”.

Read More

Oct 22 2008

TSA won’t give up on “Secure Flight” travel permission and surveillance scheme

The DHS and TSA announced their final rule for the Secure Flight program for the control and surveillance of airline passengers during a photo op today at Reagan National Airport.

We aren’t among the journalists to whom the TSA’s anonymous spin doctors chose to leak their plans.  We’ll have more comments after we have reviewed the complete 195-page regulatory notice in more detail.

But our first reading of the “final rule” released today, as well as recent TSA and DHS comments about Secure Flight, including their press release today and testimony at a Congressional hearing we attended last month, suggest that their plans remain essentially unchanged from the Secure Flight proposal announced last year, and which we urged the TSA to withdraw as illegal in our testimony at the TSA’s public hearing and our more detailed written comments.

The DHS’s current spin on why we should love Big Brother and welcome Secure Flight is that it would reduce the number of people who are improperly prevented from flying or improperly subjected to more intrusive “secondary” search and/or interrogation, by “transferring watchlist matching from the airlines to the government”.

But the solution to the problems with “watchlists” is not to tighten their enforcement, but to replace secret administrative “no-fly” and “selectee” determinations with judicial determinations of dangerousness, made by judges in response to government motions for injunctions or restraining orders, and presentation of evidence sufficient to show that they pose a danger to aviation so great as to warrant restriction of their Constitutional and human rights to freedom of travel, assembly, and movement.  We don’t need to establish a new system of (secret) administrative pseudo-justice.  That’s what the courts are for, and they already have an established system of due process and review, including procedures for dealing safely with classified evidence related to national security. Read More

Oct 21 2008

TSA Expands Electronic Boarding Pass Scanning Program

The Transportation Security Administration is expanding its electronic boarding pass pilot program. This system will make it easier for TSA to be able to gather and track individual travel data. The program began in Houston in December 2007 and added more airports in April. Here’s how the program works, according to TSA:

The electronic boarding pass contains a two-dimensional (2-D) barcode encrypted with specific passenger information, such as the traveler’s name and flight information.

At the checkpoint, passengers present their cell phones or PDA to a TSA travel document checking officer. The officer will scan the encrypted barcode using a handheld device to verify its authenticity. Passengers will still be required to show photo identification so officers can validate that the name on the boarding pass matches the name on the ID.

In fact, why doesn’t TSA take this to the next step? If the agency already knows who has a boarding pass from data sent by the airlines (to verify the pass’s authenticity), then why doesn’t TSA just tell travelers to use our ID cards as our boarding passes? “Save a tree — show your ID.”

TSA is already planning on using the boarding pass scanners nationwide to collect data. “Once the hand-held scanners are deployed nationwide, TSA will also use this technology to track wait times using standardized automated data collected at checkpoints. This development is expected to happen within about a year,” says TSA. Read More

Oct 09 2008

Transportation Security Administration Likely to Relax Restrictions on Liquids Next Year

The head of the Transportation Security Administration, Kip Hawley, says that the agency will likely relax its restrictions on liquids on commercial flights next year, the Wall Street Journal reports. The rules were put in place after an alleged plot to bring “a liquid bomb” onto planes heading to the US from the UK.

In a post on TSA’s blog, Hawley said that TSA believes, “widespread deployment of new multi-view x-ray systems with an enhanced algorithm that detects specific liquids remains about a year away. But the multi-view x-ray itself is a significant improvement over the standard x-ray that’s been at the checkpoint since its inception in the 1970s.” Once the technology is ready, Hawley says that the agency will be more flexible toward liquids brought on by air travelers.

Security expert Bruce Schneier, among others, has questioned the efficacy of these restrictions on liquid and TSA security procedures generally. In a recent column, Schneier explained the security holes in TSA’s restrictions. Read More

Sep 23 2008

How to Circumvent the Watch Lists: Change Your Name

The CBC has an interesting story that exemplifies a significant problem with the watch lists: It is very easy to get around the lists.

Mario Labbé, an executive with a Montreal-based record company, says his Canadian passport triggers a red alert on the computers of U.S. customs agents every time he tries to board a flight to the U.S. —
which is about once a month for the past seven years. […]

Although Labbé wrote letters to the U.S. department, his efforts were in vain, prompting him to legally change his name.

“So now, my official name is François Mario Labbé,” he said.

“Then you have to change everything: driver’s license, social insurance, medicare, credit card — everything.”

Although it’s not a big change from Mario Labbé, he said it’s been enough to foil the U.S. customs computers.

In the US, there have been other examples of innocent people trying to work around the terrorist watch lists. For example, eight-year-old James Robinson has had numerous problems because he is continuing mismatch to the watch lists. His family has had to make changes in order to get eight-year-old James on to flights.

According to CNN, “Denise Robinson says she tells the skycaps her son is on the list, tips heavily and is given boarding passes. And booking her son as “J. Pierce Robinson” also has let the family bypass the watch list hassle.

The ease with which someone can circumvent the watch lists illustrates the utter futility of identity-based security programs as a whole. Rather than waste time and money, and needlessly sacrifice liberty in the process of conducting this security theater, TSA should concentrate more on its job of preventing weapons and explosives from getting on planes.